Linux - Security
This forum is for all security related questions.
Questions, tips, system compromises, firewalls, etc. are all included here.
Mozilla Firefox Drag and Drop Handling Same Origin Policy Bypass Vulnerability
Quote:
Soroush Dalili has discovered a vulnerability in Mozilla Firefox, which can be exploited by malicious people to bypass certain security restrictions.
The vulnerability is caused due to an error when handling drag and drop events and can be exploited to bypass the same origin policy and e.g. execute script code in the context of another domain.
The vulnerability is confirmed in version 9.0.1. Other versions may also be affected.
Mozilla Firefox / Thunderbird Multiple Vulnerabilities
Quote:
A security issue and multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious, local users to disclose certain sensitive information and by malicious people to bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
Mozilla Firefox / Thunderbird / SeaMonkey XBL Binding Use-After-Free Vulnerability
Quote:
A vulnerability has been reported in multiple Mozilla products, which can be exploited by malicious people to compromise a user's system.
The vulnerability is caused due to a use-after-free error in the "nsXBLDocumentInfo::ReadPrototypeBindings()" method when handling XBL bindings in a hash table and can be exploited to cause a cycle collector to call an invalid virtual function.
Successful exploitation may allow execution of arbitrary code.
Mozilla Firefox / Thunderbird / SeaMonkey libpng Integer Overflow
Quote:
Mozilla has acknowledged a vulnerability in Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to potentially compromise a user's system.
Mozilla Firefox / Thunderbird / SeaMonkey Multiple Vulnerabilities
Quote:
Multiple vulnerabilities have been reported in Mozilla Firefox, Thunderbird, and SeaMonkey, which can be exploited by malicious people to conduct cross-site scripting attacks, bypass certain security restrictions, disclose certain sensitive information, and compromise a user's system.
1) A use-after-free error exists within shlwapi.dll when closing a child window that uses the file open dialog.
2) An error when handling certain drag and drop actions can be exploited to conduct cross-site scripting attacks.
3) A use-after-free error exists within the "nsSMILTimeValueSpec::ConvertBetweenTimeContainers()" function when handling certain SVG animation.
4) An out-of-bounds read error in SVG filters can be exploited to disclose certain data.
5) An error when handling Content Security Policy headers can be exploited to conduct cross-site scripting attacks.
6) An error when handling "javascript:" home page can be exploited to execute script code in "about:sessionrestore" context.
7) An unspecified error exists when accessing a keyframe's cssText after dynamic modification.
8) The window.fullScreen property does not properly enforce the mozRequestFullscreen policy, which can be exploited to bypass the policy and spoof certain content.
9) Multiple unspecified errors can be exploited to corrupt memory.
Successful exploitation of vulnerabilities #1, #3, #6, #7, and #9 may allow execution of arbitrary code.
Multiple vulnerabilities have been reported in Mozilla Firefox and Thunderbird, which can be exploited by malicious people to conduct cross-site scripting and spoofing attacks, disclose certain system and sensitive information, bypass certain security restrictions, and compromise a user's system.